fix: set expires property to accessToken cookies

labd · Sep 20, 2023 · ebce27a · ebce27a
1 parent 64f0934
commit ebce27a
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/src/tokensource/cookies.ts b/src/tokensource/cookies.ts
@@ -58,10 +58,12 @@ export class CookieTokenSource implements TokenSource {
 	}
 
 	setAccessToken(response: Response, token: string) {
+		const expiresAt = new Date(Date.now() + 1000 * 60 * 60 * 24 * 365);
 		this._setCookie(response, this.cookieNames.accessToken, token, {
 			httpOnly: false,
 			secure: this.options.secure,
 			sameSite: this.options.sameSite,
+			expires: expiresAt,
 		});
 	}
 
@@ -84,10 +86,12 @@ export class CookieTokenSource implements TokenSource {
 	}
 
 	setFingerprint(response: Response, fingerprint: string) {
+		const expiresAt = new Date(Date.now() + 1000 * 60 * 60 * 24 * 365);
 		this._setCookie(response, this.cookieNames.accessTokenHash, fingerprint, {
 			httpOnly: true,
 			secure: this.options.secure,
 			sameSite: this.options.sameSite,
+			expires: expiresAt,
 		});
 	}
 }